I was very unsure exactly how to setup the sambaSamAccount objectclass for the machine account so I'm thinking this might be where I've gone wrong. The docs for the latest schema don't seem to exist yet, and what I've found seem to assume more Windows knowledge on SIDs and RIDs than I have (which is zero).
I have a working LDAP (SunOne aka IPlanet) with posix accounts so I added a posixAccount to use as the machine account (ns-team-02$ in my case). When I try to add the sambaSamAccount, I must enter a value for sambaSID or there is an objectclass violation but I really don't know what this should be. I've tried using something like this 'S-1-5-21-4229109036-739374524-219139532-1568', where the last '1568' is based on the formula 2*uidNumber+1000. The 'Samba (v.3) PDC LDAP howto' calls the 'S-1-5-21' part 'NT non-unique IDs'. Is this what I want for a machine account?
Also, I don't understand how the sambaPrimaryGroupSID relates to a posixGroup entry, nor what, if anything, I should be doing with sambaGroupMapping objectclass. This has a couple of required attributes, sambaSID again and sambaGroupType, (which I haven't found any docs on). At this point, I've ignored that, which may or may not be causing me my problems.
Any enlightenment that anyone could share on how the various SID/RID attributes in the v3.0 samba schema are meant to work, I'd really appreciate it!
-- Marlys A. Nelson Sr. Network Specialist Information Technology Services Network Services University of Wisconsin - River Falls 715/425-4357 410 South Third Street Email: [EMAIL PROTECTED] River Falls WI 54022 http://www.uwrf.edu/
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
